1 / 25

Creating a [legacy & EFI] PXE server using pxelinux

Creating a [legacy & EFI] PXE server using pxelinux. Legacy & EFI PXE boot support, using Fedora 20 as end-to-end example. Why PXE and EFI?. Why PXE? Fast way to image and re-image servers Well known; well documented Can be used for variety of OS versions.

rusty
Télécharger la présentation

Creating a [legacy & EFI] PXE server using pxelinux

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Creating a [legacy & EFI] PXE server using pxelinux Legacy & EFI PXE boot support, using Fedora 20 as end-to-end example

  2. Why PXE and EFI? • Why PXE? • Fast way to image and re-image servers • Well known; well documented • Can be used for variety of OS versions. • Minimal infrastructure requirement, all open source. • Why EFI? • Faster boot • Default boot method on newer servers • Support for GPT partitioning (larger disks) • MS heavily promoting “secure EFI boot”

  3. Why PxeLinux? Professional-looking menus!

  4. Organization of this Presentation • Simplest setup first (legacy PXE client only) • Add complexity; regular DHCP clients + legacy PXE clients • Add complexity; regular DHCP clients + EFI PXE clients + legacy PXE clients

  5. What is PXE? • PXE consists of two phases: • Initial DHCP session, with a “enhanced DHCP” packet sent • An ensuing file transfer phase (typically TFTP), where the NBP (Network Bootstrap Program) is loaded • After initial NBP loaded, it knows enough to load the rest of the necessary modules to image the OS.

  6. What do I need? • DHCP server • ISC DHCP server (available with Ubuntu & RHEL) works nicely. • If not ISC, then a DHCP server that understands ISC syntax. • TFTP server • Atftpd or tftpd-hpa (both available with Ubuntu & RHEL) • Web server (or NFS server). to transfer over content. • In this presentation, I use a standard Apache server. • Syslinux • If doing legacy (BIOS) PXE only, any version > 4.0 will work. • If doing EFI PXE, need version 6.03-pre6 or higher.

  7. Setup Internet DHCP Client Legacy PXE Client EFI PXE Client 192.168.1.xx 192.168.0.xx eth1 eth0 192.168.0.100 PXE Server (DHCP, TFTP, Apache)

  8. DHCP Server -- PXE clients only • /etc/default/isc-dhcp-server # On what interfaces should the DHCP server (dhcpd) serve DHCP requests? # Separate multiple interfaces with spaces, e.g. "eth0 eth1". INTERFACES="eth1" • /etc/dhcp/isc-dhcp-server authoritative; subnet 192.168.1.0 netmask 255.255.255.0 { } subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.10 192.168.0.49; default-lease-time 120; max-lease-time 120; option routers 192.168.0.100; option ip-forwarding off; option broadcast-address 192.168.0.255; option subnet-mask 255.255.255.0; option ntp-servers 192.168.0.100; option domain-name-servers 192.168.1.254; next-server 192.168.0.100; filename "pxelinux.0"; }

  9. TFTP directory layout /var/lib/tftpboot/ ├── boot/ │ ├── centos/ │ │ └── 6.2/ │ │ └── x86_64/ │ │ ├── initrd.img │ │ └── vmlinuz │ └── fedora/ │ ├── initrd.img │ └── vmlinuz ├── SplashP.png ├── graphics.conf ├── ldlinux.c32 ├── libcom32.c32 ├── libutil.c32 ├── pxelinux.0 ├── pxelinux.cfg/ │ └── default └── vesamenu.c32

  10. Constructing this TFTP structure # cd /tmp # wgethttps://www.kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.03.tar.gz # tar xzvf syslinux-6.0.3.tar.gz # cd syslinux-6.03/bios/ # cpcore/pxelinux.0 com32/elflink/ldlinux/ldlinux.c32\ com32/menu/vesamenu.c32 com32/lib/libcom32.c32 \ com32/libutil/libutil.c32 /var/lib/tftpboot # cd /var/www/fedora # ls -lh Fedora-20-x86_64-DVD.iso -rw-r--r-- 1 spike spike 4.3G Mar 16 20:53 Fedora-20-x86_64-DVD.iso # mkdir 20_full/ # mount –o loop Fedora-20-x86_64-DVD.iso 20_full/images/pxeboot # FEDORA=/var/lib/tftpboot/boot/fedora # mkdir –p $FEDORA # cpvmlinuzinitrd.img$FEDORA # cd /var/lib/tftpboot # mkdirpxelinux.cfg …Now construct a pxelinux.cfg/default file….

  11. Pxelinux.cfg/default file UI vesamenu.c32 PROMPT 0 MENU TITLE Linux Legacy PXE Boot Menu MENU RESOLUTION 640 480 MENU BACKGROUND SplashP.png MENU INCLUDE graphics.conf LABEL - MENU LABEL Standard Builds MENU DISABLE LABEL Fedora 20 MENU LABEL ^fedora 20 MENU INDENT 3 KERNEL boot/fedora/vmlinuz APPEND initrd=/boot/fedora/initrd.imgramdisk_size=10000 ks=http://192.168.0.100/fedora/fedora_generic.cfg

  12. Simple ks.cfg file # cd /var/www/fedora # cat fedora_generic.cfg install url --url http://192.168.0.100/fedora/20_full lang en_US.UTF-8 keyboard us network --bootprotodhcp rootpw --iscrypted $1$o/HqbZSt$gq16hrOxZOYYKNPVzoFyG. firewall --disabled authconfig --enableshadow --enablemd5 selinux --disabled timezone --utc America/Chicago reboot

  13. Final Result – Time for Demo!

  14. Legacy PXE clients + DHCP clients /etc/dhcp/dhcpd.conf changes: ... class "pxe-clients" { match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; set vendor-string = substring ( option vendor-class-identifier, 0, 9); option bootfile-name "pxelinux.0"; option tftp-server-name "192.168.0.100"; next-server 192.168.0.100; } subnet 192.168.1.0 netmask 255.255.255.0 { } subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.50 192.168.0.99; ... pool { allow members of "pxe-clients"; range 192.168.0.10 192.168.0.49; } }

  15. EFI boot • When client does EFI boot, a special EFI bootloader must be used • efi32/syslinux.efi for a 32-bit EFI client • efi64/syslinux.efi for a 64-bit EFI client • bios/core/pxelinux.0 for legacy PXE client • All above bootloaders supplied with syslinux package • Once EFI bootloader loaded, it loads the same kernel and initramfs as before.

  16. Legacy PXE, DHCP & EFI PXE clients 1. Match on VCI class "pxe-clients" { match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; set vendor-string = substring ( option vendor-class-identifier, 0, 9); set vendor-class option vendor-class-identifier; option tftp-server-name "192.168.0.100"; next-server 192.168.0.100; if option vendor-class-identifier = "PXEClient:Arch:00000:UNDI:002001" { option bootfile-name "bios/pxelinux.0"; } elsif option vendor-class-identifier = "PXEClient:Arch:0007:UNDI:003016" { option bootfile-name "efi.x64/syslinux.efi"; } else { option bootfile-name "UNKNOWN_VCI"; } }

  17. Legacy PXE, DHCP & EFI PXE clients 2. Match on arch. … # In initial DHCP DISCOVER packet, PXE client sets option 93 to its arch. # 0000 == IA x86 PC (BIOS boot) # 0006 == x86 EFI boot # 0007 == x64 EFI boot option arch code 93 = unsigned integer 16; class "pxe-clients" { match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; ... if option arch = 00:00 { filename "bios/pxelinux.0"; } elsif option arch = 00:07 { filename "efi.x64/syslinux.efi"; } else { filename "UNKNOWN_VCI"; option bootfile-name "UNKNOWN_VCI"; } }

  18. Legacy PXE, DHCP & EFI PXE clients 3. Subclasses class "pxe-clients" { match option vendor-class-identifier; … option tftp-server-name "192.168.0.100"; … next-server 192.168.0.100; } subclass "pxe-clients" "PXEClient:Arch:00000:UNDI:002001" { option bootfile-name "bios/pxelinux.0"; } subclass "pxe-clients" "PXEClient:Arch:0007:UNDI:003016" { option bootfile-name "efi.x86/syslinux.efi"; }

  19. New TFTP dir structure . ├── bios │ └── … same as previous top-level … └── efi.x64 └── boot -> ../bios/boot ├── SplashP.png -> ../bios/SplashP.png ├── graphics.conf -> ../bios/graphics.conf ├── ldlinux.e64 ├── libcom32.c32 ├── libutil.c32 ├── pxelinux.cfg │ └── default ├── syslinux.efi └── vesamenu.c32

  20. Constructing new EFI TFTP structure # cd /var/lib/tftpboot # mkdir bios/ # mv * bios/ # mkdir efi.x64; EFI64=`pwd`/efi.x64 # cd /tmp/syslinux-6.03/efi/ # cpefi/syslinux.efi com32/elflink/ldlinux/ldlinux.e64 \ com32/menu/vesamenu.c32 com32/lib/libcom32.c32 \ com32/libutil/libutil.c32 $EFI64 # cd $EFI64 # ln –s ../bios/boot . # mkdirpxelinux.cfg …Now construct a pxelinux.cfg/default file….

  21. efi.x64/pxelinux.cfg/default file UI vesamenu.c32 PROMPT 0 menu title Linux EFI PXE Boot Menu MENU RESOLUTION 640 480 MENU BACKGROUND DellSplashP.png MENU INCLUDE graphics.conf LABEL - MENU label Standard Builds MENU DISABLE LABEL Fedora 20 MENU LABEL ^fedora 20 MENU INDENT 3 MENU DEFAULT KERNEL boot/fedora/vmlinuz APPEND initrd=/boot/fedora/initrd.imgramdisk_size=10000 ks=http://192.168.0.100/fedora/fedora_efi_generic.cfg

  22. Other configuration changes • ks.cfg file bootloader --location=partition --driveorder=sda zerombr if setting up partitioning in ks.cfg, prepend: part /boot/efi --fstypevfat --size=300 --asprimary • vmlinuz, initrd.img – no change.

  23. Final Result – Time for Demo!

  24. Troubleshooting • Look at your logs! • DHCP server logs • TFTP server logs • Apache access logs • Wireshark is your friend! (particularly in DHCP/TFTP phases) • Get simple case working first. • Get PXE client-only working first. • Then handle multiple arch’s in dhcpd.conf • Finally get EFI working. • Syslinux mailing list is great.

  25. Conclusion • With just a few open-source packages and one Linux server, you can construct your own PXE server • Supporting only legacy PXE clients is very easy. • Supporting both DHCP clients and PXE clients is relatively easy. • Adding EFI PXE clients adds complexity to configuration, but is achievable.

More Related